Index

• Get backend infos (whatweb and wafwoof)
• Enumerate directories and files
• Enumerate subdomains
• Use automatic tool to audit web app
• Check .git exposure
• Test Clickjacking vulnerability
• IIS (Internet Information Services)
• Use Kerberos Authentication in Browser for Web Applications
• Web Penetration Test Enumeration Guide | Agr0 Hacks Stuff TO IMPLEMENT IN WIKI

Get backend infos and WAF (whatweb and wafw00f)

whatweb -a 3 "<http://target>:port"

wafw00f "<http://target>:port"

Enumerate directories and files

gobuster

gobuster dir -w /usr/share/wordlists -u http://<IP>:<PORT>/ -t <THREADS> -x <EXTENSIONS>

ffuf